¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 02.02.2014.2

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 20:31:03 - 04/02/2014

Mis à jour le : 02/02/2014 | 18.25 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal

Système : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2

Mémoire RAM = Total (MB) : 3406 | Libre (MB) : 1573
Pagefile = Total (MB) : 7015 | Libre (MB) : 4762
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1976

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Dernière(s) détection(s) : 2014-02-04 10:09:16
Dernières Téléchargées : 2014-01-26 13:15:49
Dernières installées : 2014-01-26 13:18:29
Prochaine recherche : 2014-02-05 06:59:31


(948) -- nvvsvc.exe
(1348) -- SLsvc.exe
(1548) -- nvxdsync.exe
(1556) -- nvvsvc.exe
(1948) -- spoolsv.exe
(1588) -- PhotoshopElementsFileAgent.exe
(1828) -- armsvc.exe
(12) -- AppleMobileDeviceService.exe
(620) -- mDNSResponder.exe
(1480) -- ijplmsvc.exe
(2076) -- 57barsvc.exe
(2148) -- MSCamS32.exe
(2200) -- ccsvchst.exe
(2236) -- ccsvchst.exe
(2272) -- NvNetworkService.exe
(2360) -- IoctlSvc.exe
(2428) -- SeaPort.exe
(2636) -- WLIDSVC.EXE
(2704) -- SearchIndexer.exe
(2804) -- X10nets.exe
(2840) -- WLIDSVCM.EXE
(2920) -- YahooAUService.exe
(3204) -- WUDFHost.exe
(3600) -- taskeng.exe
(3936) -- ccsvchst.exe
(3948) -- ccsvchst.exe
(4076) -- explorer.exe
(1544) -- taskeng.exe
(1512) -- GoogleUpdate.exe
(676) -- GoogleCrashHandler.exe
(3872) -- conime.exe
(4232) -- RtHDVCpl.exe
(4240) -- GoogleDesktop.exe
(4268) -- ABoard.exe
(4292) -- wmdSync.exe
(4304) -- AOSD.exe
(4372) -- USB Gamepad.exe
(4580) -- NvTmru.exe
(4616) -- QTTask.exe
(4644) -- BJMYPRT.EXE
(4740) -- CNMNSST.exe
(4776) -- NvBackend.exe
(4808) -- KiesTrayAgent.exe
(4816) -- iTunesHelper.exe
(4832) -- ehtray.exe
(4880) -- SkyDrive.exe
(4900) -- sidebar.exe
(4964) -- SmpSys.exe
(4996) -- ehmsas.exe
(5024) -- MyDriveConnect.exe
(5048) -- Kies.exe
(5064) -- nvtray.exe
(5076) -- wmpnscfg.exe
(5256) -- wmpnetwk.exe
(5388) -- ehsched.exe
(864) -- ehrecvr.exe
(1392) -- iPodService.exe
(5692) -- sidebar.exe
(4708) -- FrameworkEngine.exe
(12712) -- FrameworkEngine.exe
(7428) -- FlashUtil32_12_0_0_38_ActiveX.exe
(3788) -- wlmail.exe
(6944) -- wlcomm.exe
(14164) -- iexplore.exe
(6092) -- iexplore.exe
(6692) -- SearchProtocolHost.exe
(6660) -- SearchFilterHost.exe
(9632) -- Shortcut_Module.exe

¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis

Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Packard Bell - Divertissement & Loisirs\eBay.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Packard Bell - Divertissement & Loisirs\Vacances.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Packard Bell - Internet\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Packard Bell - Photo & Vidéo\Kodak Gallery.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\Public\Desktop\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeux Vidéo - Achat et Vente de Jeux Vidéo neufs et d'occasion sur PriceMinister.lnk : C:\Users\SERGE\AppData\Local\Google\Chrome\Application\chrome.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)
Désinfecté : C:\Users\SERGE\Desktop\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974)

¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer

Réparé : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : http://search.msn.com/spbasic.htm -> http://www.google.com/
Réparé : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : http://search.msn.com/spbasic.htm -> http://www.google.com/
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : Preserve -> http://www.google.com/
Réparé : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : http://search.msn.com/spbasic.htm -> http://www.google.com/
Réparé : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.3.0.36 -> http://www.google.com/
Réparé : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.3.0.36 -> http://www.google.com/
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://www.google.fr/ -> http://www.google.com/
Réparé : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.3.0.36 -> http://www.google.com/
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://www.awesomehp.com/web/?type=ds&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974&q={searchTerms} -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[SearchAssistant] : http://www.awesomehp.com/web/?type=ds&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974&q={searchTerms} -> http://www.google.com/ie
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.awesomehp.com/?type=hp&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974 -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : http://www.awesomehp.com/web/?type=ds&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974&q={searchTerms} -> http://go.microsoft.com/fwlink/?LinkId=54896
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://www.awesomehp.com/?type=hp&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974 -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://www.awesomehp.com/web/?type=ds&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974&q={searchTerms} -> http://go.microsoft.com/fwlink/?LinkId=54896
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Internet Explorer\PhishingFilter]|[Enabled] : 1 -> 2
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[ProxyOverride] : <-loopback> -> *.local
Réparé : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[ProxyOverride] : <-loopback>; -> *.local
Réparé : [HKU\S-1-5-21-575266262-3813999624-1104846352-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1
Réparé : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome

[SERGE] Remis a zéro avec succès : SearchURL
[SERGE] Remis a zéro avec succès : Preferences

¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox

[SERGE] Remplacé : user_pref("browser.search.defaultengine", "Ask.com"); -> user_pref("browser.search.defaultengine", "google.com");
[SERGE] Remplacé : user_pref("browser.search.defaultenginename", "Ask.com"); -> user_pref("browser.search.defaultenginename", "google");
[SERGE] Remplacé : user_pref("browser.search.order.1", "Ask.com"); -> user_pref("browser.search.order.1", "google.com");
[SERGE] Remplacé : user_pref("browser.search.selectedEngine", "Ask.com"); -> user_pref("browser.search.selectedEngine", "google");
[SERGE] Remplacé : user_pref("browser.startup.homepage", "http://home.sweetim.com"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Ask.com"); -> user_pref("browser.search.defaultenginename", "google");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask.com"); -> user_pref("browser.search.selectedEngine", "google");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://mystart.incredimail.com/mb106?a=6R86Sl0C3f"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
[SERGE] Remplacé : user_pref("browser.search.defaultengine", "Ask.com"); -> user_pref("browser.search.defaultengine", "google.com");
[SERGE] Remplacé : user_pref("browser.search.defaultenginename", "Ask.com"); -> user_pref("browser.search.defaultenginename", "google");
[SERGE] Remplacé : user_pref("browser.search.order.1", "Ask.com"); -> user_pref("browser.search.order.1", "google.com");
[SERGE] Remplacé : user_pref("browser.search.selectedEngine", "Ask.com"); -> user_pref("browser.search.selectedEngine", "google");
[SERGE] Remplacé : user_pref("browser.startup.homepage", "http://home.sweetim.com"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Ask.com"); -> user_pref("browser.search.defaultenginename", "google");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask.com"); -> user_pref("browser.search.selectedEngine", "google");
[SERGE] Remplacé : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://mystart.incredimail.com/mb106?a=6R86Sl0C3f"); -> user_pref("browser.startup.homepage", "http://www.google.fr");

¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet

Réparé : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974 -> "C:\Program Files\Internet Explorer\iexplore.exe"
Réparé : [HKLM\Software\Clients\StartMenuInternet\Safari.exe\shell\open\command] : C:\Program Files\Safari\Safari.exe http://www.awesomehp.com/?type=sc&ts=1391011180&from=adks&uid=WDCXWD3200AAJS-22B4A0_WD-WCAT1333797437974 -> "C:\Program Files\Safari\Safari.exe"

¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript


¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires

[All Users] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 11 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[UpdatusUser] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[SERGE] Fichiers temporaires Supprimés : 441831 Ko


¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤
